- From: <bugzilla@jessica.w3.org>
- Date: Thu, 05 Aug 2010 14:44:33 +0000
- To: public-html-bugzilla@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=9602 --- Comment #15 from Shelley Powers <shelleyp@burningbird.net> 2010-08-05 14:44:32 --- (In reply to comment #14) > No, what is insecure is just stripping <script> elements and thinking that is > sufficient and not anticipating further changes to the language. You're arguing oranges, and I'm trying to call an apple and apple. Point blank: you can't count on JavaScript showing as disabled in order to determine when autofocus should, or should not, be allowed to work in a page. Not if the whole point of the exercise is to provide the same level of security as exists today with the JavaScript-enabled auto focus capability. JavaScript being disabled is not a 100% guaranteed indicator. -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug.
Received on Thursday, 5 August 2010 14:44:34 UTC